Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/d938dc-00c4-4680-9944-4a3733f4722b/1/aBFGMD9XUewN_C71R6qyR69OaB8.mft
File:                     aBFGMD9XUewN_C71R6qyR69OaB8.mft (raw, json)
Hash identifier:          GvvxNLNrqE3ZRe52Tfd+Rl0DEXh0cu0lvSbKCIq+Avw=
Subject key identifier:   45:B0:38:2F:96:F7:EF:88:6A:E4:73:83:67:F6:0B:E0:9C:F1:96:16
Authority key identifier: 68:11:46:30:3F:57:51:EC:0D:FC:2E:F5:47:AA:B2:47:AF:4E:68:1F
Certificate issuer:       /CN=681146303f5751ec0dfc2ef547aab247af4e681f
Certificate serial:       0199FBEB8A34328DCE8AAE47C3CCE7F1A240
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aBFGMD9XUewN_C71R6qyR69OaB8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/d938dc-00c4-4680-9944-4a3733f4722b/1/aBFGMD9XUewN_C71R6qyR69OaB8.mft
Manifest number:          0DC2
Signing time:             Sun 19 Oct 2025 10:02:21 +0000
Manifest this update:     Sun 19 Oct 2025 10:02:21 +0000
Manifest next update:     Mon 20 Oct 2025 10:02:21 +0000
Files and hashes:         1: aBFGMD9XUewN_C71R6qyR69OaB8.crl (hash: I1id4asv6ISe8dnu9bnKo0XS+sj3kF46ouk72URfMek=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/aa/d938dc-00c4-4680-9944-4a3733f4722b/1/aBFGMD9XUewN_C71R6qyR69OaB8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/aa/d938dc-00c4-4680-9944-4a3733f4722b/1/aBFGMD9XUewN_C71R6qyR69OaB8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aBFGMD9XUewN_C71R6qyR69OaB8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:eb:8a:34:32:8d:ce:8a:ae:47:c3:cc:e7:f1:a2:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=681146303f5751ec0dfc2ef547aab247af4e681f
        Validity
            Not Before: Oct 19 10:02:21 2025 GMT
            Not After : Oct 20 10:02:21 2025 GMT
        Subject: CN=45b0382f96f7ef886ae4738367f60be09cf19616
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:9b:83:47:2b:33:5c:fa:6c:b9:f7:68:47:93:
                    57:3f:18:07:6c:b7:3d:55:ae:6d:00:fb:10:25:c6:
                    16:75:15:7d:e1:42:fd:bd:22:88:45:3b:09:48:69:
                    c6:dd:fe:db:1e:f9:12:94:a8:e3:40:1f:34:f0:f1:
                    31:55:a3:80:c0:bc:ec:35:3f:c4:9f:6a:b0:ce:31:
                    eb:c2:17:16:eb:96:19:32:32:0c:2d:d7:b0:03:b0:
                    33:8d:d7:d5:50:30:c4:02:85:8b:45:f2:99:c3:bf:
                    fc:b2:2c:32:83:71:4a:f7:78:81:0a:9c:1d:b7:db:
                    a0:47:3e:7f:d2:49:97:a9:82:26:01:75:c4:fa:6a:
                    1a:8c:fb:28:a7:fc:58:34:d3:21:9f:55:7f:64:02:
                    e4:d2:fc:bd:d5:3a:79:94:08:32:82:cb:11:c5:45:
                    92:73:d2:31:a4:64:31:9c:2d:6e:8a:38:04:2a:35:
                    63:2f:ef:65:da:5f:e0:05:db:4f:a6:0e:94:0a:6b:
                    a9:bc:50:ca:be:90:e8:12:99:bf:ec:39:12:21:0b:
                    e6:ca:a0:34:e2:b2:b1:4b:a3:bc:71:7e:73:02:db:
                    a1:3f:ef:1b:8b:c4:8f:7f:b4:4c:41:47:b0:d8:08:
                    fa:d3:07:86:97:ae:1e:4d:5d:e0:b9:71:7f:cd:b7:
                    c0:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                45:B0:38:2F:96:F7:EF:88:6A:E4:73:83:67:F6:0B:E0:9C:F1:96:16
            X509v3 Authority Key Identifier:
                keyid:68:11:46:30:3F:57:51:EC:0D:FC:2E:F5:47:AA:B2:47:AF:4E:68:1F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aBFGMD9XUewN_C71R6qyR69OaB8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/d938dc-00c4-4680-9944-4a3733f4722b/1/aBFGMD9XUewN_C71R6qyR69OaB8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/d938dc-00c4-4680-9944-4a3733f4722b/1/aBFGMD9XUewN_C71R6qyR69OaB8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         44:c3:7a:d6:83:fc:31:be:c1:d5:ab:9c:dc:ae:30:69:eb:b2:
         77:b3:d2:e8:0b:50:d6:ba:30:29:58:fd:6e:1e:e4:b2:17:b7:
         0d:36:9b:7e:45:30:d1:32:2e:35:d7:b5:99:10:6c:24:df:84:
         0c:fa:ad:18:12:a4:84:c5:65:99:15:e0:5b:d2:bd:68:ea:cf:
         e5:c0:78:da:38:1a:fe:c3:12:25:a0:89:86:48:57:29:84:43:
         cb:7b:e3:62:c3:26:85:b2:73:07:c8:10:b9:37:c0:88:e8:7e:
         58:cc:29:13:5a:63:89:a1:41:30:65:70:7a:00:95:76:15:4f:
         ae:1c:6f:51:78:1e:e7:8a:85:ed:60:e1:8b:08:ca:e2:0f:b7:
         fd:73:80:d6:96:b0:7a:f3:50:88:5a:ee:41:32:82:ab:56:0d:
         e8:9e:48:d3:dd:69:8b:a2:cf:3e:1c:7b:d7:37:78:e6:9f:a8:
         bb:4a:a9:5c:ea:0b:b9:88:48:ae:71:62:29:3f:6f:70:9e:23:
         d0:34:9f:cf:6b:b4:12:04:cf:8f:7d:b3:e2:ba:f0:33:9b:18:
         48:95:c3:c7:b9:19:de:14:79:1f:c6:15:94:5d:c7:eb:ba:ab:
         49:33:50:99:32:01:96:d4:ff:fa:6b:f0:2a:ad:e0:b8:b9:0a:
         cf:26:12:95
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn764o0Mo3Oiq5Hw8zn8aJAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4MTE0NjMwM2Y1NzUxZWMwZGZjMmVmNTQ3YWFiMjQ3YWY0
ZTY4MWYwHhcNMjUxMDE5MTAwMjIxWhcNMjUxMDIwMTAwMjIxWjAzMTEwLwYDVQQD
Eyg0NWIwMzgyZjk2ZjdlZjg4NmFlNDczODM2N2Y2MGJlMDljZjE5NjE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAppuDRyszXPpsufdoR5NXPxgHbLc9
Va5tAPsQJcYWdRV94UL9vSKIRTsJSGnG3f7bHvkSlKjjQB808PExVaOAwLzsNT/E
n2qwzjHrwhcW65YZMjIMLdewA7AzjdfVUDDEAoWLRfKZw7/8siwyg3FK93iBCpwd
t9ugRz5/0kmXqYImAXXE+moajPsop/xYNNMhn1V/ZALk0vy91Tp5lAgygssRxUWS
c9IxpGQxnC1uijgEKjVjL+9l2l/gBdtPpg6UCmupvFDKvpDoEpm/7DkSIQvmyqA0
4rKxS6O8cX5zAtuhP+8bi8SPf7RMQUew2Aj60weGl64eTV3guXF/zbfA+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEWwOC+W9++IauRzg2f2C+Cc8ZYWMB8GA1UdIwQY
MBaAFGgRRjA/V1HsDfwu9UeqskevTmgfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUJGR01EOVhVZXdOX0M3MVI2cXlSNjlPYUI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9kOTM4ZGMtMDBjNC00NjgwLTk5NDQt
NGEzNzMzZjQ3MjJiLzEvYUJGR01EOVhVZXdOX0M3MVI2cXlSNjlPYUI4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS9kOTM4ZGMtMDBjNC00NjgwLTk5NDQtNGEzNzMzZjQ3MjJi
LzEvYUJGR01EOVhVZXdOX0M3MVI2cXlSNjlPYUI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARMN61oP8
Mb7B1auc3K4waeuyd7PS6AtQ1rowKVj9bh7kshe3DTabfkUw0TIuNde1mRBsJN+E
DPqtGBKkhMVlmRXgW9K9aOrP5cB42jga/sMSJaCJhkhXKYRDy3vjYsMmhbJzB8gQ
uTfAiOh+WMwpE1pjiaFBMGVwegCVdhVPrhxvUXge54qF7WDhiwjK4g+3/XOA1paw
evNQiFruQTKCq1YN6J5I091pi6LPPhx71zd45p+ou0qpXOoLuYhIrnFiKT9vcJ4j
0DSfz2u0EgTPj32z4rrwM5sYSJXDx7kZ3hR5H8YVlF3H67qrSTNQmTIBltT/+mvw
Kq3guLkKzyYSlQ==
-----END CERTIFICATE-----